Android: It was only a matter of time before an app like previously mentioned Firesheep came out for mobile devices to further prove how insecure many popular sites are. Like Firesheep, DroidSheep listens to network traffic and gain access to your online accounts.

Firefox: Firesheep sniffs out and steals cookies—and the account and identity of the owner in the…
Read more Read more

This means people running DroidSheep can use victims' accounts, gaining access to sites that don't use a secured and encrypted SSL connection (there was recently news of a flaw in SSL and TLS that may make HTTPS vulnerable too, but that's a separate issue). DroidSheep requires root privileges. While popular sites like Yahoo, Google, and Facebook now support encrypted HTTPS connections that aren't vulnerable to a tool like DroidSheep, there surely are hundreds of others that are.

We're not advocating you use DroidSheep to spy on your friends, family, and coworkers; it's just another reminder to assume that when you're on a public network anyone may be able to sniff out and steal your cookies and, hence, gain access to your online accounts and information. Your best recourse is to use VPN or SSH tunneling for secure browsing (see instructions for Android and iOS).